2012 Global Threats and Trends

John Yeo, EMEA Director, SpiderLabs
In today’s cyber world, it’s no longer a matter of “if” a data breach will occur, but “when.” Organizations around the world, from the local corner store to the global enterprise, all need to understand current data security risks in order to mitigate them.

The Trustwave 2012 Global Security Report identifies the top threats encountered by businesses over the past year. Based on an analysis of Trustwave data sources, including more than 300 incident investigations, 2,000 penetration tests conducted by Trustwave SpiderLabs, and 2 million network and application vulnerability scans, the report provides a roadmap for any organization that needs to improve and update their information security strategy.

The Trustwave 2012 Global Security Report highlights top data security risk areas, offering predictions on future targets based on analysis and perceived trends. By learning from others’ data vulnerabilities, and applying tactical and strategic change outlined in this report, any organization will be better able to reduce data threats and loss.
Jun 21 2012
42 mins
2012 Global Threats and Trends
More from this community:

IT Security

  • Live and recorded (5607)
  • Upcoming (135)
  • Date
  • Rating
  • Views
  • Channel
  • Channel profile
  • When Do Managed Security Services Make Sense? May 27 2015 5:00 pm UTC 45 mins
    Guest Speaker: Ed Ferrara, Principal Analyst, Forrester Research, Mark Stevens, VP Global Services, Digital Guardian
    The importance of protecting sensitive data is gaining visibility at the C-level and the Boardroom. It’s a difficult task, made even more so by the shortage of security experts. One option that more and more companies are pursuing is the use of managed security services. This can enable them to employ sophisticated technologies and processes to detect security incidents in a cost-effective manner. Should managed security be a component of your security mix?

    In this webinar, Ed Ferrara of Forrester and Mark Stevens of Digital Guardian will discuss:

     When does it make sense to utilize managed security services

     How to the scope the services your company contracts out

     Questions to ask when evaluating managed security services providers

     The key criteria for selecting managed security providers
  • All About the Base: Test Drive FortiGate-VMX from Hypervisor and up May 27 2015 4:00 pm UTC 45 mins
    Cynthia Hsieh, Director of Product Marketing, Cloud and SDN product, Fortinet.
    Server virtualization is a mature technology. More than 70% of all x86 architecture workloads are running in VMs on top of hypervisors. With the increase in virtualization of mission critical workloads plus clustering and high availability, it’s more challenging than ever to get the visibility and dynamic rule settings for North-South and East-West traffic. In this session, no future hype, learn what is happened today with FortiGate-VMX use cases to secure all of your hypervisors and provide a real-world agility traffic testing using Ixia Breakingpoint for the proof.
  • Human-Centered Design and Data Science May 27 2015 3:00 pm UTC 45 mins
    Dean Malmgren, Partner and Data Scientist, Datascope Analytics
    When you hear someone say, “that is a nice infographic” or “check out this sweet dashboard,” many people infer that they are “well-designed.” Creating accessible (or for the cynical, “pretty”) content is only part of what makes good design powerful. The human-centered design process is geared toward solving specific problems. This process has been formalized in many ways (e.g., IDEO’s Human Centered Design, Marc Hassenzahl’s User Experience Design, or Braden Kowitz’s Story-Centered Design), but the basic idea is that you have to explore the breadth of the possible before you can isolate truly innovative ideas.

    In this talk, I'll share some lessons we've learned from the human-centered design process and how those lessons can be used by other data science practitioners.
  • SIEM Roadmap 2015 May 27 2015 3:00 pm UTC 30 mins
    Tom Clare, Director, Arctic Wolf
    Security event management continues to evolve as data breaches put more pressure on detective defenses providing continuous monitoring. Many companies have invested strongly in preventive defenses to stop attacks before they infect. Now the game changes to detecting the unknown and this requires scale and performance of SIEM solutions with increasing context for depth and visibility in the hands of security experts with an analytics mindset. Not everyone can play on this field, learn your options.

    Attendees will learn:
    - SIEM architecture changes for visibility
    - Increasing complexity of data analytics to explore
    - SIEM taxonomy and trade-offs between generations
    - Analyst recommendations & best practices
    - Why resources are key to SIEM success
  • Addressing Challenges in Securing the Software Defined Data Center May 27 2015 8:00 am UTC 60 mins
    Claudio Salmin, Fortinet Consulting Systems Engineer
    Data center security is being reshaped by virtualisation, consolidation, and promising new technologies such as Software Defined Networking (SDN).
    The adoption of the SDDC brings new challenges such as inspecting East-West traffic without the need to compromise on all the benefits of today's physical appliances.
  • A Best Practice Blueprint for eGRC May 26 2015 6:00 pm UTC 60 mins
    Brandon Dunlap (Moderator); Renee Murphy, Forester; Mike Rost, MetricStream; Vivek Shivananda, Rsam.
    With the increased regulation and scrutiny of the past decade, it is important for organizations to implement best practices in order to maintain control and achieve compliance with evolving regulatory requirements.

    Compliance teams of the brave new world are set up to discuss risks with the key business leaders, and have sufficient resources to ensure company compliance programs are implemented effectively. Their software applications for managing enterprise governance, risk management, and compliance (eGRC) continue to mature with impressive features and functions, and they are making notable strategic advances by linking these three business functions for more informed decision-making, to reduce risk exposure, lower audit costs, and demonstrate compliance.

    To replicate similar success in your eGRC program, you will need to focus on selling GRC value, practicing good GRC project management, and embedding GRC into corporate culture. Join this educational panel webinar as our experts delve deeper into this, and identify the best practices for implementing an eGRC program in 2015.
  • DDoS Attacks Are a Serious Threat to U.S. Companies, Not for Reasons You'd Think May 26 2015 5:00 pm UTC 45 mins
    Margee Adams, Director of Product Marketing, Neustar
    Neustar, in its annual DDoS Attacks Report shares critical DDoS trending data from real companies from across industries. Learn how companies are ramping up DDoS protection tactics and why.
  • Top 5 Cloud Data Loss Disasters of 2014 May 26 2015 5:00 pm UTC 60 mins
    Trace Ronning, Content Marketing Manager, eFolder
    With companies adopting SaaS applications more rapidly than ever before, the risk of cloud data loss has also risen. As many as 40% of companies that use cloud based applications have reported data loss since 2013, according to reports from the Aberdeen group and Symantec – but until cloud data disasters hit home, businesses tend not to prioritize cloud data backup.

    In this BrightTALK-exclusive webinar, you’ll learn about the biggest cloud data losses of the year, and how to make sure they don’t happen in your organization.
  • POS Attacks Persist: Fight Back with 5 Key Defense Strategies May 26 2015 5:00 pm UTC 60 mins
    Ken Dang, Product Marketing Manager, Dell Security
    2014 was a year pack with hacker attacks on payment card infrastructures but we’re not out of the woods yet. Dell’s threat research team have regularly observed new active pieces of advanced Point-of-Sales (POS) malware in 2015. Why so many retailers still soft targets? For cyber criminals, retail is where the money is. The possibility of spiriting away and selling thousands or millions of credit card details and chunks of consumer information is powerful incentive.
  • 2015 Cyberthreat Defense Report May 26 2015 5:00 pm UTC 45 mins
    Steve Piper, CEO, CyberEdge and Hal Lonas, CTO, Webroot
    This presentation provides key findings from the 2015 Cyberthreat Defense Report from the analyst firm CyberEdge. Based on a survey of IT security decision makers and practitioners across North America and Europe, the report examines the current and planned deployment of security measures, including the use of threat intelligence. It also provides developers of IT security technologies and products with answers they need to better align their solutions with the concerns and requirements of end users.
  • Large Scale, High Performance Visibility Plane for Cloud and Web Service Recorded: May 21 2015 48 mins
    Gordon Beith, Director of Product Management
    This webinar will describe the challenges faced by cloud and web service providers when attempting to monitor, manage, and troubleshoot across large data centers and networks, whether fully owned or hosted. It will describe the benefits of using a unified visibility plane as the solution to address these challenges, in a cost-effective and streamlined manner, whether it is for security, performance, and/or troubleshooting purposes.
  • Preventing Threats using Machine Learning, Contextualization and Predictability Recorded: May 21 2015 36 mins
    David Dufour, Senior Director of Security Architecture, Webroot
    With the rapidly accelerating nature of attacks on network infrastructure and software systems approaches such as static block lists, manual policy configurations and other current prevention techniques have become outdated. Through the use of distributed computing, contextualization and machine learning it is possible to build tools that analyze data across multiple threat vectors allowing for the development of predictive algorithms and a greater understanding of an organizations threat landscape. We will walk through common machine learning techniques, discuss contextualization, how predictive logic works and see a demonstration of contextualized threat intelligence.
  • How Fraudsters Steal Identities Recorded: May 21 2015 53 mins
    Fred Crawley, Managing Editor, Credit Today and David Pope, Marketing Director, Jumio
    This webinar will explore the methods criminals use to perpetrate fraud and steal identities and what you can do to secure your business without taking a hit on transaction completion and revenue.

    We'll cover:

    1. The common approaches used in identity theft and how they apply to e-commerce.

    - the coffee shop wifi hack
    - the local government census
    - social media techniques
    - the offer you can't refuse
    - the catchers supermarkets

    2. Firsthand research from the Jumio team and what they uncovered when they interviewed convicted ex-fraudsters, professional criminologists, law enforcement practitioners and fraud managers to uncover some of the exploits that fraudsters use.
  • Ponemon Institute: The Cost of Time To Identify & Contain Advanced Threats Recorded: May 21 2015 57 mins
    Dr. Larry Ponemon, Ponemon Institute + Arabella Hallawell, VP of Corporate Strategy, Arbor Networks
    The purpose of our study was to better understand the cyber-security challenges facing financial services enterprises as well as both conventional and Internet retail companies.


    Attend this webinar to learn:
    - The state of ATs and DDoS attacks in the two verticals
    - How companies deal with advanced threats and denial of service attacks
    -Industry differences: financial services vs. retail companies
  • Data Sovereignty and the Cloud Recorded: May 21 2015 48 mins
    Holger Mueller, VP & Principal Analyst, Constellation Research and Todd Partridge, Director of Product Marketing, Intralinks
    Cloud computing has broken down traditional geographic borders, and defining data ‘location’ has become more complex. Global enterprises embracing the cloud must deal with the compliance and risk challenges that arise when information is distributed across multiple physical, logical, and legal locations.

    Join our guest Holger Mueller, Vice President and Principal Analyst, Constellation Research, and Todd Partridge, Product Marketing Director, as they explore the challenges of information governance in the cloud:

    - The critical emerging topic of data sovereignty and jurisdiction
    - How governments are responding in different ways to the questions of data privacy and ownership
    - What organizations must do to address the varying requirements and regulatory environments
  • Data Security: 3 Ways to Protect Your Company from the Inside Out Recorded: May 20 2015 42 mins
    Guest Speaker: Chris Berube, Director of IT at Law Offices of Joe Bornstein
    There seems to be news of a major data breach in the headlines almost every week. Conventional wisdom suggests that securing the network and perimeter of an IT environment should be enough to protect a company from a breach – but what if that breach originates internally? How can a situation like this be averted? Today companies need to protect themselves from the inside out by first recognizing which of their data is sensitive and then ensuring that it’s properly secured.

    Join us and learn how Chris Berube, Director of IT at Law Offices of Joe Bornstein, has rethought information security in order to protect his company from the inside out.

    We’ll discuss how to:
    1.Identify files which contain sensitive information
    2.Audit user files to track suspicious activities
    3.Monitor proactively when secured data has been moved to public shares
  • Leveraging Next-Gen SIEM For Security Intelligence: A Buyer’s Perspective Recorded: May 19 2015 47 mins
    Paul Lynch, Director of Data Security & Networks, American Board of Internal Medicine
    Chartered with securing both the PII of over 250,000 physicians and a vast amount of highly valued intellectual property amidst a rapidly evolving threat landscape, Paul Lynch, Director of Data Security and Networks at the American Board of Internal Medicine (ABIM), recognized the need to move beyond a traditional SIEM, and employ a more holistic approach to Security Intelligence.

    In this CISO Executive Network webinar, Mr. Lynch will share with you the path he took to go from defining ABIM’s core security intelligence requirements to making his ultimate selection. The path included establishing a detailed score card for evaluating various SIEM solutions, moving from eight vendors’ to a short list of four, then testing and ultimately selecting a unified platform for ABIM.

    Whether you have an existing SIEM platform and are overwhelmed by its complexity, inadequate visibility to today’s advance threats or the manpower required to manage it, or you’re considering deploying SIEM for the first time, you’ll benefit greatly by joining us for this webinar.

    Key themes to be covered include:
    • SIEM for Security vs. IT Operations – understanding and prioritizing your options
    • Establishing a score card to evaluate vendors and solutions
    • How to leveraging market research and outside perspectives to inform your decision
    • Considering total cost of ownership (price, deployment, implementation, usability, management)
  • IDS for Security Analysts: How to Get Actionable Insights from your IDS Recorded: May 19 2015 59 mins
    Joe Schreiber, AlienVault; Grant Leonard, Castra Consulting; Tony Simone, Castra Consulting
    The fun with IDS doesn't stop after installation, in fact, that's really where the fun starts. Join our panel of IDS experts for an educational discussion that will help you make sense of your IDS data, starting from Day 1. We will discuss signature manipulation, event output, and the three "P's" - policy, procedure and process. We won't stop there either! You'll find out the meaning behind the terms all the cool kids are using like "False Positives" and "Baselining". We'll round it out with more information about how IDS interacts with the rest of your IT applications and infrastructure. If you installed an IDS and are wondering what to do next then signup now!Asset Discovery - creating an inventory of running instances
    Vulnerability Assessment - conducting scans to assess exposure to attack, and prioritize risks
    Change Management - detect changes in your AWS environment and insecure network access control configurations
    S3 & ELB Access Log Monitoring - Monitor access logs of hosted content and data directed at your instance
    CloudTrail Monitoring and Alerting - Monitor the CloudTrail service for abnormal behavior
    Windows Event Monitoring - Analyze system level behavior to detect advanced threats
    We'll finish up with a demo of AlienVault USM for AWS, which delivers all of the above capabilities, plus log management & event correlation to help you detect threats quickly and comply with regulatory requirements.
  • Key Security Insights: Examining 2014 to predict what's coming in 2015 Recorded: May 14 2015 52 mins
    Ken Dang, Product Marketing Manager, Dell Security
    It’s clear that cyber-crimes are alive and well on the global stage and will only continue to be pervasive as long as organizations prolong taking the necessary defense measures to stop threats from slipping through the cracks. In this Dell Security Annual Threat webcast, we’ll present the most common attacks Dell SonicWALL observed in 2014 and the ways we expect emergent threats to affect small and medium businesses, as well as large enterprises, throughout 2015. Our goal is not to frighten, but to inform and provide organizations of all sizes with practical advice that will help them adjust their practices to more effectively prepare for and prevent attacks, even from threat sources that have yet to emerge.
  • Cloud Access Security—Keep Sensitive Data Safe and Compliant in the Cloud Recorded: May 14 2015 48 mins
    Albert Biketi, VP and general manager of HP Atalla and HP Security Voltage
    The exploding use of cloud applications like Office 365, Google Apps, and SalesForce CRM is giving enterprises unprecedented agility. But it also brings new challenges in ensuring data security and demonstrating compliance. In this webinar HP Atalla shows why many enterprises are turning to HP Cloud Access Security Protection platform to protect sensitive data in SaaS cloud deployments.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: 2012 Global Threats and Trends
  • Live at: Jun 21 2012 4:00 pm
  • Presented by: John Yeo, EMEA Director, SpiderLabs
  • From:
Your email has been sent.
or close
You must be logged in to email this